Need help in decryption of encrypted content from Outlook's right protected email message (message.rpmsg) RRS feed

  • Question

  • I'm very new to RMS. Please excuse me for any vagueness.

    I was trying to write some c++ code to read the Rights protected Outlook email message (message.rpmsg) and decrypt the RMS encrypted content.

    I was able to uncompress and read the compressed compound file, message.rpmsg, and get the required data with the help of the documentation from MSDN (https://msdn.microsoft.com/en-us/library/aa767782(v=vs.85).aspx). 

    I was able to extract the Issuance License from \0x09DRMTransform\0x06Primary stream and the encrypted content from the 0x09DRMContent stream from the compressed compound file, message.rpmsg.

    We have not found any documentation related on how the email message is encrypted/decrypted using AD RMS SDK. We've tried some code from few samples like IPCNotepad (https://code.msdn.microsoft.com/windowsdesktop/IPCNotepad-Sample-f67dae80). But, that doesn't work. The following API call does not return the template information.
            (LPVOID *)ppTemplateInfo);

    When I debug IPCNotepad sample application and print the Issuance License I see the "<DESCRIPTOR><OBJECT><ID type="MS-GUID">{83ddea92-278c-4276-8a58-e3862a85b23d}</ID><NAME>LCID 1033:NAME do not forward:DESCRIPTION do not forward;</NAME></OBJECT></DESCRIPTOR>". And this sample application is working fine. From this I understood that the issuance license itself has the template details. Where as the Issuance License from the message.rpmsg does not contain this information. But both the Issuance Licenses seem to be offline signing xml. We are not sure how to proceed furhter. 

    One more thing, I did not setup the pre-production environment. But, initialized the application in Server mode.

    We really appreciate any help. If you can send us some sample code to decrypt the encrypted content or any documentation related to the same will really help a lot.  



    Wednesday, December 16, 2015 6:50 PM

All replies

  • hi VVPrasad,

    were you able to solve your issue, i am facing the same situation as you described in your case, we have the Encrypted stream and the issuance license, what next should be done, should we follow the rms client server communication protocol, or is it possible to use the RMS SDK 2.1 to do the work after this point. 

    it would be great if you can share your findings.

    • Edited by RaniDevpr Friday, January 15, 2016 3:37 PM correction
    Friday, January 15, 2016 10:27 AM